
According to the Nilson Report (Issue 1298, published December 2025), card fraud cost the global payments industry $33.41 billion in 2024. The good news: as a share of total card volume, the fraud rate is trending down, dropping to 6.43¢ per $100 in 2024, continuing a multi-year decline. It's a sign that the industry's investments in fraud detection and prevention are paying off, even as transaction volume keeps climbing.
But that’s only part of the story. Card volumes reached $51.92 trillion in 2024, and the Nilson Report now projects that they will climb to $70.73 trillion by 2030. Because of this relentless volume growth, absolute losses remain significant even as the fraud rate falls, with losses projected to reach $41.06 billion by 2030. For issuing banks, the financial and operational burden remains as heavy as ever.
Fraud isn't disappearing. Instead, it's evolving and shifting the pressure elsewhere.
The turning point in fraud
The imbalance is especially clear in the United States. While cards issued in the US represent just 26% of global card volume, they account for nearly 42% of global fraud losses, which totalled $13.99 billion in 2024.
As chip-and-PIN technology locked down in-store transactions, fraud migrated online. And online, the US remains the most exposed market in the world, because of the highest credit lines, the deepest e-commerce penetration, and historically, lighter real-time authentication requirements.
The industry has responded with 3D Secure, tokenisation, authentication protocols, and AI-powered fraud detection, all of which now run on virtually every major card network. And it's working. For the first time in years, the losses-to-fraud trend line is heading downward.
AI: both the weapon and the shield
Artificial intelligence has changed the fraud landscape on both sides. As highlighted in the Nilson Report, fraud fighters were the first group among payment card industry professionals to deploy artificial intelligence technology, and they continue to be the first adopters of every relevant AI iteration to counter emerging criminal tactics.
But so are the fraudsters; they have caught up quickly. AI now enables them to replicate merchant websites with near-perfect accuracy, launch large-scale phishing campaigns, and harvest card credentials.
Social engineering attacks have become sophisticated enough to bypass even the most hardened technical controls. Fraudsters build convincing storefronts, launch targeted phishing campaigns, and replicate legitimate platforms with near-perfect accuracy. The vulnerability has moved from the network to the account holder.
That shift is accelerating: our white paper, Disputes in the age of agentic commerce, examines how agentic commerce is impacting dispute scenarios and processes.
When the fraudster is your own customer
As technical defences have hardened, a different threat has grown in scale. First-party fraud, sometimes called friendly fraud, occurs when the account holder disputes a legitimate transaction. No stolen credentials, no compromised card, just a real customer, claiming they didn't make a purchase they did.
Unlike third-party fraud, it bypasses conventional detection entirely. It doesn't surface at login or authorisation, but shows up weeks later in dispute operations, where teams were never designed to carry that load.
The scale is now impossible to ignore. Industry findings published in the LexisNexis Risk Solutions Global Cybercrime Report Press Release reveal that first-party fraud remains the dominant threat layer globally, accounting for nearly two-in-five (38.3%) reported fraud cases. Because these specific cases are initiated by legitimate account holders utilising their actual transaction history and credentials, they remain virtually indistinguishable from genuine dispute claims until operations teams run a detailed investigation.
That's the core problem: fraud detection tools are built to catch anomalies at the point of transaction, and first-party fraud leaves none. The signal only emerges later, buried in dispute patterns, cardholder history, and behavioural data that most operations teams don't have the time or tools to piece together at scale.
Detection solves half the problem
Detection has never been better. But detection alone doesn't resolve a case, and resolution is where the cost is being felt. First-party fraud makes this harder still: it arrives in dispute queues dressed as a legitimate claim, invisible to the detection layer that was supposed to catch it.
For most issuing banks, what happens after a transaction is flagged determines the real cost of fraud. And right now, that process is under strain.
Case volumes are rising with transaction growth, but investigation processes weren't built to scale with them. Systems across fraud, disputes, and compliance teams remain fragmented, creating delays at every handoff. And regulatory expectations around KYC and KYB continue to tighten, adding compliance overhead to teams already stretched thin.
The pressure is showing up clearly in the data: according to Alloy's annual State of Fraud Report, an overwhelming 67% of financial institutions and fintechs reported that fraud rates rose over the preceding year, with 22% losing over $5 million directly to these fraud tactics. This operational and financial strain proves that legacy frameworks are buckling under current transaction weights, well before the next wave of commercial volume fully arrives.
Why the next gains will come from operational scale
Looking ahead, the challenge becomes even clearer. According to the Nilson Report, global card volumes are projected to exceed $84.75 trillion by 2034, with fraud losses reaching $48.5 billion, which is a cumulative $407.6 billion in fraud losses over the next decade.
Even as the industry successfully drives down the overall fraud rate, the sheer scale of transaction growth ensures that total losses, and the resulting dispute queues, will remain significant. For issuing banks, incremental improvements in detection will not be enough to offset this growth.
The next phase of fraud prevention will depend on the ability to scale operations effectively. That means:
- Automating case triage, evidence gathering, and routine decisions so that investigators can focus on what requires human judgment
- Running rule-based investigation workflows to ensure that the payment network rules are applied correctly and consistently to every claim
- Eliminating the handoff delays that come from fragmented systems across fraud, disputes, and compliance
- Giving fraud, disputes, and compliance teams real-time visibility into each case
- Analysing claims within network and regulatory deadlines
- Communicating with cardholders regarding the decision or next steps
- Closing the loop between dispute resolution and fraud prevention, so operational data improves detection upstream
Rethinking how fraud operations are built
This sets up the need for a more intelligent approach to fraud operations.
Forward-thinking issuers are investing in platforms that streamline end-to-end management of fraud cases. The objective is not only to improve the customer experience for valid claims but also to reduce operational friction, improve investigator productivity, and ensure consistent outcomes across large volumes of cases.
Automated dispute workflows are already delivering on this in practice, cutting friendly fraud losses by 40-50% while compressing resolution timelines from weeks to a single day (see our analysis of zero-touch dispute resolution and the CFO case for it).
Rivero’s dispute management platform, Amiko, was built specifically to bring intelligence and automation to fraud and dispute operations.
- Enabling dispute or fraud agents to validate cases, present relevant evidence, and recommend the next best actions to speed up the resolution time and maximise recovery.
- Bringing end-to-end dispute workflow automation from intake to resolution based on rules defined by the issuer.
- Detecting Friendly Fraud and Serial Disputers by considering cardholders’ dispute histories, identifying abnormal dispute frequency, and surfacing behavioural signals linked to first-party misuse, to provide agents with full context instead of isolated claim tickets
The impact of an intelligence fraud and dispute operation goes beyond efficiency. It directly affects loss reduction, customer experience, and an issuer’s ability to keep pace with evolving fraud threats. Without the right infrastructure, banks cannot turn case-level signals into scalable fraud intelligence.